This happens when you have inputted a wrong private key input in the openssl_sign(). The third parameter is actually the “private key id” received from a call on openssl_get_privatekey(). But often its mistakenly gets passed with a string value of the private key lines.